<?php
require_once($_SERVER['DOCUMENT_ROOT'].'/all.conf.php');
require_once(__PHY_WEB.__DIR_ADM.'/admin.inc.php');
require_once(__PHY_LIB.'/class/aFunc.class.php');

$rReq = validate($_REQUEST, 'action:u|user_id:n|funcs:r');
$sMsg = '';
$sAction = (in_array($rReq['action'], array('list', 'update')) ? $rReq['action'] : 'list');
if ('update' == $sAction) {
	$oUser = new aUser($rReq['user_id']);
	if (!is_array($rReq['funcs'])) {
		$sMsg .= '功能参数错误'.$_br;
	}
	elseif ($_SESSION['ADM_USER_ID'] != $oUser->get('parent_id')) {
		$sMsg .= '你不是这个用户的领导，不能修改TA的权限'.$_br;
	}
	else {
		foreach ($rReq['funcs'] as $nFuncID => $sLevel) {
			$oUser->setAccess($nFuncID, strtoupper($sLevel));
		}
		$sMsg .= '权限设定完成'.$_br;
	}
	$sAction = 'list';
}
if ('list' == $sAction) {
	$oAdmUserList = new aUserList();
	$oAdmUserList->cfgWhere("parent_id='{$_SESSION['ADM_USER_ID']}'");
	$oAdmUserList->cfgOrder("user_ename");
	$oAdmUserList->load();
	if (0 < $oAdmUserList->countResult()) {
		$oTpl->assign('rUsers', $oAdmUserList->fetchArray());

		$oAdmFuncList = new aFuncList();
		$oAdmFuncList->cfgOrder("group_cname,func_cname");
		$oAdmFuncList->load();
		$rFuncs = $oAdmFuncList->fetchArray();
		/// 该下属的现有权限 ///
		if ($rReq['user_id']) {
			$oUser = new aUser($rReq['user_id']);
			$oTpl->assign('rNowUser', $oUser->getData());
			foreach ($rFuncs as $k => $r) {
				$rFuncs[$k]['level'] = $oUser->getAccess($r['id']);
			}
		}
		/// 我的现有权限 ///
		foreach ($rFuncs as $k => $r) {
			$rFuncs[$k]['grantable'] = (7 <= $_ME->getAccess($r['id']) ? true : false);
		}
		$oTpl->assign('rFuncs', $rFuncs);
	}
}

$oTpl->assign('sMsg', $sMsg);
$oTpl->assign('sAction', $sAction);
$oTpl->display(dirname(__FILE__).'/'.basename(__FILE__, '.php').'.tpl');
?>
